github.com/cryptotooltop/go-ethereum@v0.0.0-20231103184714-151d1922f3e5/node/config.go (about) 1 // Copyright 2014 The go-ethereum Authors 2 // This file is part of the go-ethereum library. 3 // 4 // The go-ethereum library is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU Lesser General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // The go-ethereum library is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU Lesser General Public License for more details. 13 // 14 // You should have received a copy of the GNU Lesser General Public License 15 // along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>. 16 17 package node 18 19 import ( 20 "crypto/ecdsa" 21 "fmt" 22 "io/ioutil" 23 "os" 24 "path/filepath" 25 "runtime" 26 "strings" 27 "sync" 28 29 "github.com/scroll-tech/go-ethereum/common" 30 "github.com/scroll-tech/go-ethereum/crypto" 31 "github.com/scroll-tech/go-ethereum/log" 32 "github.com/scroll-tech/go-ethereum/p2p" 33 "github.com/scroll-tech/go-ethereum/p2p/enode" 34 "github.com/scroll-tech/go-ethereum/rpc" 35 ) 36 37 const ( 38 datadirPrivateKey = "nodekey" // Path within the datadir to the node's private key 39 datadirDefaultKeyStore = "keystore" // Path within the datadir to the keystore 40 datadirStaticNodes = "static-nodes.json" // Path within the datadir to the static node list 41 datadirTrustedNodes = "trusted-nodes.json" // Path within the datadir to the trusted node list 42 datadirNodeDatabase = "nodes" // Path within the datadir to store the node infos 43 ) 44 45 // Config represents a small collection of configuration values to fine tune the 46 // P2P network layer of a protocol stack. These values can be further extended by 47 // all registered services. 48 type Config struct { 49 // Name sets the instance name of the node. It must not contain the / character and is 50 // used in the devp2p node identifier. The instance name of geth is "geth". If no 51 // value is specified, the basename of the current executable is used. 52 Name string `toml:"-"` 53 54 // UserIdent, if set, is used as an additional component in the devp2p node identifier. 55 UserIdent string `toml:",omitempty"` 56 57 // Version should be set to the version number of the program. It is used 58 // in the devp2p node identifier. 59 Version string `toml:"-"` 60 61 // DataDir is the file system folder the node should use for any data storage 62 // requirements. The configured data directory will not be directly shared with 63 // registered services, instead those can use utility methods to create/access 64 // databases or flat files. This enables ephemeral nodes which can fully reside 65 // in memory. 66 DataDir string 67 68 // Configuration of peer-to-peer networking. 69 P2P p2p.Config 70 71 // KeyStoreDir is the file system folder that contains private keys. The directory can 72 // be specified as a relative path, in which case it is resolved relative to the 73 // current directory. 74 // 75 // If KeyStoreDir is empty, the default location is the "keystore" subdirectory of 76 // DataDir. If DataDir is unspecified and KeyStoreDir is empty, an ephemeral directory 77 // is created by New and destroyed when the node is stopped. 78 KeyStoreDir string `toml:",omitempty"` 79 80 // ExternalSigner specifies an external URI for a clef-type signer 81 ExternalSigner string `toml:",omitempty"` 82 83 // UseLightweightKDF lowers the memory and CPU requirements of the key store 84 // scrypt KDF at the expense of security. 85 UseLightweightKDF bool `toml:",omitempty"` 86 87 // InsecureUnlockAllowed allows user to unlock accounts in unsafe http environment. 88 InsecureUnlockAllowed bool `toml:",omitempty"` 89 90 // NoUSB disables hardware wallet monitoring and connectivity. 91 // Deprecated: USB monitoring is disabled by default and must be enabled explicitly. 92 NoUSB bool `toml:",omitempty"` 93 94 // USB enables hardware wallet monitoring and connectivity. 95 USB bool `toml:",omitempty"` 96 97 // SmartCardDaemonPath is the path to the smartcard daemon's socket 98 SmartCardDaemonPath string `toml:",omitempty"` 99 100 // IPCPath is the requested location to place the IPC endpoint. If the path is 101 // a simple file name, it is placed inside the data directory (or on the root 102 // pipe path on Windows), whereas if it's a resolvable path name (absolute or 103 // relative), then that specific path is enforced. An empty path disables IPC. 104 IPCPath string 105 106 // HTTPHost is the host interface on which to start the HTTP RPC server. If this 107 // field is empty, no HTTP API endpoint will be started. 108 HTTPHost string 109 110 // HTTPPort is the TCP port number on which to start the HTTP RPC server. The 111 // default zero value is/ valid and will pick a port number randomly (useful 112 // for ephemeral nodes). 113 HTTPPort int `toml:",omitempty"` 114 115 // HTTPCors is the Cross-Origin Resource Sharing header to send to requesting 116 // clients. Please be aware that CORS is a browser enforced security, it's fully 117 // useless for custom HTTP clients. 118 HTTPCors []string `toml:",omitempty"` 119 120 // HTTPVirtualHosts is the list of virtual hostnames which are allowed on incoming requests. 121 // This is by default {'localhost'}. Using this prevents attacks like 122 // DNS rebinding, which bypasses SOP by simply masquerading as being within the same 123 // origin. These attacks do not utilize CORS, since they are not cross-domain. 124 // By explicitly checking the Host-header, the server will not allow requests 125 // made against the server with a malicious host domain. 126 // Requests using ip address directly are not affected 127 HTTPVirtualHosts []string `toml:",omitempty"` 128 129 // HTTPModules is a list of API modules to expose via the HTTP RPC interface. 130 // If the module list is empty, all RPC API endpoints designated public will be 131 // exposed. 132 HTTPModules []string 133 134 // HTTPTimeouts allows for customization of the timeout values used by the HTTP RPC 135 // interface. 136 HTTPTimeouts rpc.HTTPTimeouts 137 138 // HTTPPathPrefix specifies a path prefix on which http-rpc is to be served. 139 HTTPPathPrefix string `toml:",omitempty"` 140 141 // WSHost is the host interface on which to start the websocket RPC server. If 142 // this field is empty, no websocket API endpoint will be started. 143 WSHost string 144 145 // WSPort is the TCP port number on which to start the websocket RPC server. The 146 // default zero value is/ valid and will pick a port number randomly (useful for 147 // ephemeral nodes). 148 WSPort int `toml:",omitempty"` 149 150 // WSPathPrefix specifies a path prefix on which ws-rpc is to be served. 151 WSPathPrefix string `toml:",omitempty"` 152 153 // WSOrigins is the list of domain to accept websocket requests from. Please be 154 // aware that the server can only act upon the HTTP request the client sends and 155 // cannot verify the validity of the request header. 156 WSOrigins []string `toml:",omitempty"` 157 158 // WSModules is a list of API modules to expose via the websocket RPC interface. 159 // If the module list is empty, all RPC API endpoints designated public will be 160 // exposed. 161 WSModules []string 162 163 // WSExposeAll exposes all API modules via the WebSocket RPC interface rather 164 // than just the public ones. 165 // 166 // *WARNING* Only set this if the node is running in a trusted network, exposing 167 // private APIs to untrusted users is a major security risk. 168 WSExposeAll bool `toml:",omitempty"` 169 170 // GraphQLCors is the Cross-Origin Resource Sharing header to send to requesting 171 // clients. Please be aware that CORS is a browser enforced security, it's fully 172 // useless for custom HTTP clients. 173 GraphQLCors []string `toml:",omitempty"` 174 175 // GraphQLVirtualHosts is the list of virtual hostnames which are allowed on incoming requests. 176 // This is by default {'localhost'}. Using this prevents attacks like 177 // DNS rebinding, which bypasses SOP by simply masquerading as being within the same 178 // origin. These attacks do not utilize CORS, since they are not cross-domain. 179 // By explicitly checking the Host-header, the server will not allow requests 180 // made against the server with a malicious host domain. 181 // Requests using ip address directly are not affected 182 GraphQLVirtualHosts []string `toml:",omitempty"` 183 184 // Logger is a custom logger to use with the p2p.Server. 185 Logger log.Logger `toml:",omitempty"` 186 187 staticNodesWarning bool 188 trustedNodesWarning bool 189 oldGethResourceWarning bool 190 191 // AllowUnprotectedTxs allows non EIP-155 protected transactions to be send over RPC. 192 AllowUnprotectedTxs bool `toml:",omitempty"` 193 194 // Endpoint of L1 HTTP-RPC server 195 L1Endpoint string `toml:",omitempty"` 196 // Number of confirmations on L1 needed for finalization 197 L1Confirmations rpc.BlockNumber `toml:",omitempty"` 198 // L1 bridge deployment block number 199 L1DeploymentBlock uint64 `toml:",omitempty"` 200 } 201 202 // IPCEndpoint resolves an IPC endpoint based on a configured value, taking into 203 // account the set data folders as well as the designated platform we're currently 204 // running on. 205 func (c *Config) IPCEndpoint() string { 206 // Short circuit if IPC has not been enabled 207 if c.IPCPath == "" { 208 return "" 209 } 210 // On windows we can only use plain top-level pipes 211 if runtime.GOOS == "windows" { 212 if strings.HasPrefix(c.IPCPath, `\\.\pipe\`) { 213 return c.IPCPath 214 } 215 return `\\.\pipe\` + c.IPCPath 216 } 217 // Resolve names into the data directory full paths otherwise 218 if filepath.Base(c.IPCPath) == c.IPCPath { 219 if c.DataDir == "" { 220 return filepath.Join(os.TempDir(), c.IPCPath) 221 } 222 return filepath.Join(c.DataDir, c.IPCPath) 223 } 224 return c.IPCPath 225 } 226 227 // NodeDB returns the path to the discovery node database. 228 func (c *Config) NodeDB() string { 229 if c.DataDir == "" { 230 return "" // ephemeral 231 } 232 return c.ResolvePath(datadirNodeDatabase) 233 } 234 235 // DefaultIPCEndpoint returns the IPC path used by default. 236 func DefaultIPCEndpoint(clientIdentifier string) string { 237 if clientIdentifier == "" { 238 clientIdentifier = strings.TrimSuffix(filepath.Base(os.Args[0]), ".exe") 239 if clientIdentifier == "" { 240 panic("empty executable name") 241 } 242 } 243 config := &Config{DataDir: DefaultDataDir(), IPCPath: clientIdentifier + ".ipc"} 244 return config.IPCEndpoint() 245 } 246 247 // HTTPEndpoint resolves an HTTP endpoint based on the configured host interface 248 // and port parameters. 249 func (c *Config) HTTPEndpoint() string { 250 if c.HTTPHost == "" { 251 return "" 252 } 253 return fmt.Sprintf("%s:%d", c.HTTPHost, c.HTTPPort) 254 } 255 256 // DefaultHTTPEndpoint returns the HTTP endpoint used by default. 257 func DefaultHTTPEndpoint() string { 258 config := &Config{HTTPHost: DefaultHTTPHost, HTTPPort: DefaultHTTPPort} 259 return config.HTTPEndpoint() 260 } 261 262 // WSEndpoint resolves a websocket endpoint based on the configured host interface 263 // and port parameters. 264 func (c *Config) WSEndpoint() string { 265 if c.WSHost == "" { 266 return "" 267 } 268 return fmt.Sprintf("%s:%d", c.WSHost, c.WSPort) 269 } 270 271 // DefaultWSEndpoint returns the websocket endpoint used by default. 272 func DefaultWSEndpoint() string { 273 config := &Config{WSHost: DefaultWSHost, WSPort: DefaultWSPort} 274 return config.WSEndpoint() 275 } 276 277 // ExtRPCEnabled returns the indicator whether node enables the external 278 // RPC(http, ws or graphql). 279 func (c *Config) ExtRPCEnabled() bool { 280 return c.HTTPHost != "" || c.WSHost != "" 281 } 282 283 // NodeName returns the devp2p node identifier. 284 func (c *Config) NodeName() string { 285 name := c.name() 286 // Backwards compatibility: previous versions used title-cased "Geth", keep that. 287 if name == "geth" || name == "geth-testnet" { 288 name = "Geth" 289 } 290 if c.UserIdent != "" { 291 name += "/" + c.UserIdent 292 } 293 if c.Version != "" { 294 name += "/v" + c.Version 295 } 296 name += "/" + runtime.GOOS + "-" + runtime.GOARCH 297 name += "/" + runtime.Version() 298 return name 299 } 300 301 func (c *Config) name() string { 302 if c.Name == "" { 303 progname := strings.TrimSuffix(filepath.Base(os.Args[0]), ".exe") 304 if progname == "" { 305 panic("empty executable name, set Config.Name") 306 } 307 return progname 308 } 309 return c.Name 310 } 311 312 // These resources are resolved differently for "geth" instances. 313 var isOldGethResource = map[string]bool{ 314 "chaindata": true, 315 "nodes": true, 316 "nodekey": true, 317 "static-nodes.json": false, // no warning for these because they have their 318 "trusted-nodes.json": false, // own separate warning. 319 } 320 321 // ResolvePath resolves path in the instance directory. 322 func (c *Config) ResolvePath(path string) string { 323 if filepath.IsAbs(path) { 324 return path 325 } 326 if c.DataDir == "" { 327 return "" 328 } 329 // Backwards-compatibility: ensure that data directory files created 330 // by geth 1.4 are used if they exist. 331 if warn, isOld := isOldGethResource[path]; isOld { 332 oldpath := "" 333 if c.name() == "geth" { 334 oldpath = filepath.Join(c.DataDir, path) 335 } 336 if oldpath != "" && common.FileExist(oldpath) { 337 if warn { 338 c.warnOnce(&c.oldGethResourceWarning, "Using deprecated resource file %s, please move this file to the 'geth' subdirectory of datadir.", oldpath) 339 } 340 return oldpath 341 } 342 } 343 return filepath.Join(c.instanceDir(), path) 344 } 345 346 func (c *Config) instanceDir() string { 347 if c.DataDir == "" { 348 return "" 349 } 350 return filepath.Join(c.DataDir, c.name()) 351 } 352 353 // NodeKey retrieves the currently configured private key of the node, checking 354 // first any manually set key, falling back to the one found in the configured 355 // data folder. If no key can be found, a new one is generated. 356 func (c *Config) NodeKey() *ecdsa.PrivateKey { 357 // Use any specifically configured key. 358 if c.P2P.PrivateKey != nil { 359 return c.P2P.PrivateKey 360 } 361 // Generate ephemeral key if no datadir is being used. 362 if c.DataDir == "" { 363 key, err := crypto.GenerateKey() 364 if err != nil { 365 log.Crit(fmt.Sprintf("Failed to generate ephemeral node key: %v", err)) 366 } 367 return key 368 } 369 370 keyfile := c.ResolvePath(datadirPrivateKey) 371 if key, err := crypto.LoadECDSA(keyfile); err == nil { 372 return key 373 } 374 // No persistent key found, generate and store a new one. 375 key, err := crypto.GenerateKey() 376 if err != nil { 377 log.Crit(fmt.Sprintf("Failed to generate node key: %v", err)) 378 } 379 instanceDir := filepath.Join(c.DataDir, c.name()) 380 if err := os.MkdirAll(instanceDir, 0700); err != nil { 381 log.Error(fmt.Sprintf("Failed to persist node key: %v", err)) 382 return key 383 } 384 keyfile = filepath.Join(instanceDir, datadirPrivateKey) 385 if err := crypto.SaveECDSA(keyfile, key); err != nil { 386 log.Error(fmt.Sprintf("Failed to persist node key: %v", err)) 387 } 388 return key 389 } 390 391 // StaticNodes returns a list of node enode URLs configured as static nodes. 392 func (c *Config) StaticNodes() []*enode.Node { 393 return c.parsePersistentNodes(&c.staticNodesWarning, c.ResolvePath(datadirStaticNodes)) 394 } 395 396 // TrustedNodes returns a list of node enode URLs configured as trusted nodes. 397 func (c *Config) TrustedNodes() []*enode.Node { 398 return c.parsePersistentNodes(&c.trustedNodesWarning, c.ResolvePath(datadirTrustedNodes)) 399 } 400 401 // parsePersistentNodes parses a list of discovery node URLs loaded from a .json 402 // file from within the data directory. 403 func (c *Config) parsePersistentNodes(w *bool, path string) []*enode.Node { 404 // Short circuit if no node config is present 405 if c.DataDir == "" { 406 return nil 407 } 408 if _, err := os.Stat(path); err != nil { 409 return nil 410 } 411 c.warnOnce(w, "Found deprecated node list file %s, please use the TOML config file instead.", path) 412 413 // Load the nodes from the config file. 414 var nodelist []string 415 if err := common.LoadJSON(path, &nodelist); err != nil { 416 log.Error(fmt.Sprintf("Can't load node list file: %v", err)) 417 return nil 418 } 419 // Interpret the list as a discovery node array 420 var nodes []*enode.Node 421 for _, url := range nodelist { 422 if url == "" { 423 continue 424 } 425 node, err := enode.Parse(enode.ValidSchemes, url) 426 if err != nil { 427 log.Error(fmt.Sprintf("Node URL %s: %v\n", url, err)) 428 continue 429 } 430 nodes = append(nodes, node) 431 } 432 return nodes 433 } 434 435 // KeyDirConfig determines the settings for keydirectory 436 func (c *Config) KeyDirConfig() (string, error) { 437 var ( 438 keydir string 439 err error 440 ) 441 switch { 442 case filepath.IsAbs(c.KeyStoreDir): 443 keydir = c.KeyStoreDir 444 case c.DataDir != "": 445 if c.KeyStoreDir == "" { 446 keydir = filepath.Join(c.DataDir, datadirDefaultKeyStore) 447 } else { 448 keydir, err = filepath.Abs(c.KeyStoreDir) 449 } 450 case c.KeyStoreDir != "": 451 keydir, err = filepath.Abs(c.KeyStoreDir) 452 } 453 return keydir, err 454 } 455 456 // getKeyStoreDir retrieves the key directory and will create 457 // and ephemeral one if necessary. 458 func getKeyStoreDir(conf *Config) (string, bool, error) { 459 keydir, err := conf.KeyDirConfig() 460 if err != nil { 461 return "", false, err 462 } 463 isEphemeral := false 464 if keydir == "" { 465 // There is no datadir. 466 keydir, err = ioutil.TempDir("", "go-ethereum-keystore") 467 isEphemeral = true 468 } 469 470 if err != nil { 471 return "", false, err 472 } 473 if err := os.MkdirAll(keydir, 0700); err != nil { 474 return "", false, err 475 } 476 477 return keydir, isEphemeral, nil 478 } 479 480 var warnLock sync.Mutex 481 482 func (c *Config) warnOnce(w *bool, format string, args ...interface{}) { 483 warnLock.Lock() 484 defer warnLock.Unlock() 485 486 if *w { 487 return 488 } 489 l := c.Logger 490 if l == nil { 491 l = log.Root() 492 } 493 l.Warn(fmt.Sprintf(format, args...)) 494 *w = true 495 }